After leading the Drupal security team for a long time, Karoly Negyesi (chx) is stepping down due to other commitments. Heine Deelstra (Heine) is taking on this important responsibility.

Karoly will still be on the security team, just not heading the team anymore.

The Drupal community would like to take this opportunity to thank Karoly for all his security team contributions in the past and look for more in the future. We also wish Heine the best in his new and challenging role.

We would like to remind all community members to take a few moments to review the past Drupal security announcements and either apply the necessary patches or upgrade to the latest version. We also would like to remind anyone who suspects a Drupal security issue to report this using the contact form (with 'security issue' in the category), and not the normal project issue process.


greggles’s picture

Yes, a hearty thanks to chx and welcome to heine.

Drupal is regarded relatively well among the PHP tools in the world as one of the few relatively secure systems. Thanks to chx, heine, and everyone on the security team for their work to make that the case.

Growing Venture Solutions
Drupal Implementation and Support in Denver, CO

-- :)

bertboerland’s picture

for running a tight ship!

and good luck heine

bert boerland

ac’s picture

Thanks! and good job
Alex Cochrane
Spoon Media

rszrama’s picture

Many thanks for your hard work. I am clueless when it comes to all the security issues floating around out there and am glad to have people like you watching my back! ^_^

calebgilbert’s picture chx and Heine and everyone else who contributes to Drupal. Haven't taken the chance to express my appreciation so openly before and this seemed like as good a place and time as any.

Walt Esquivel’s picture

...for all your outstanding contributions. I greatly appreciate your dedication.

I'm very glad to have outstanding folks such as the two of you (and of course the other folks on the security team!) doing such a wonderful job keeping up with everything and ensuring Drupal's security is the best!


Walt Esquivel, MBA; MA; President, Wellness Corps; Captain, USMC (Veteran)
$50 Hosting Discount Helps Projects Needing Financing

Ian Ward’s picture

Thank you chx for all the work you've put in. Thank you Heine, and to the team.

Ian’s picture

--hugs-- chx, hopefully you'll still be around even though you stepped down. Thanks for all the great work you've done.

Welcome, Heine!


forngren’s picture

Great work from both of you! The Drupal community owes you a lot!

jeforma’s picture

thanks for everything you did CHX and good luck to you Heine!! :)

Visit for all your gaming needs.

sami_k’s picture

Much love to both chx and heine. Thanks for all of your efforts, without you Drupal really wouldn't be the great and SECURE cms that it is!

Steve Dondley’s picture


Get better help from Drupal's forums and read this.

mwu’s picture

I've been reading up on security. I was very impressed that on, you'd see a problem with "here is the fix from Drupal" and right next to it would be Wordpress (or someone else similar) with "no response from vendor"

thank you very much security team. One of the most important reason to go with Drupal -- immediate security fixes.

chx’s picture

I am moved by this thread, really. I am very happy that you all are satisfied with the Drupal security.

And while I am still around, my job sometimes occupies me so much that I can no longer responsibly be the leader.
The news is Now Public | Drupal development: making the world better, one patch at a time.

Drupal development: making the world better, one patch at a time. | A bedroom without a teddy is like a face without a smile.